Knowledge, expertise and trust are crucial pillars of the service of PNO Consultants and the other group companies affiliated to the PNO Group holding B.V. We are committed to giving you clarity on how we handle your personal data.PNO operates under the names PNO Consultants, CiaoTech, PNO Participation, PNO Innovation, PNO GrantTools, ffiqs, ttopstart, INNFLOW, Nehem, EGEN, InventiveNL and ARTTIC. In this Privacy Statement we inform you about our approach to handling and processing of personal data. Rijswijk, June 1st, 2019
1. Contact detailsPNO Group holding B.V. (PNO Consultants / PNO) is the controller and is located at Laan van Zuid Hoorn 15, 2289 DC in Rijswijk. You can contact us by at +31 (0) 88-838 13 81, by e-mail at email@example.com.
2. Who is this Privacy Statement applicable to?This Privacy Statement applies to all persons whose personal data PNO processes, with the exception of persons working at PNO. Personal data means any data that contains information about persons through which those persons are identifiable. This Privacy Statement applies to:
- clients of PNO,
- potential clients with whom PNO has made or wants to make contact,
- visitors to the website of PNO,
- recipients of newsletters and commercial e-mails from PNO, and
- any other person who contacts PNO or whose personal data is processed by PNO.
3. Which personal data do we process?By processing personal data we mean: collecting, recording, organising, storing, updating, modifying, retrieving, consulting, using, providing by means of forwarding, distribution or any other form of posting, bringing together, linking together, and to protect, erase or destroy your personal data. We process personal data that you have provided to us, personal data generated during your visit to our website and reading newsletters and personal data that we have derived from other sources, such as business social media platforms and business cards. Personal information provided by you:
- contact details and other personal data needed to handle your assignment by a consultant,
- contact details and other personal data entered on contact forms or other web forms, and
- contact information provided during introductory talks, events, seminars, etc., such as information on business cards.
- IP number,
- your surfing behavior on the website, such as data about the first visit, previous visit and current visit, the pages viewed and the way in which the website is navigated, and
- whether you open a newsletter or commercial e-mail and on which parts you click.
- personal data available on public business social media platforms such as LinkedIn,
- personal data obtained from the Trade Register of the Chamber of Commerce, and
- personal data available on public business websites.
4. What do we use your personal data for?We use your personal data for different purposes. These are listed and elaborated on below:
- The execution of a contract in which you have engaged us for the purpose of delivering innovation and financial consulting services by our consultants.
- Compliance with legal obligations.
- Maintaining contact with you.
- Improving our product and service information and carrying out targeted marketing campaigns.
- Interaction data: Obtain personal data and contact between PNO and you. For example about your use of our website or supported applications. This also applies to offline interactions, such as how often and when there is contact between PNO and you.
- Behavioral data: Personal data that PNO processes about your behavior, such as your preferences, opinions, wishes and needs. We can derive this data from your surfing behavior on our website, reading our newsletters or by requesting information. But also through contact, incoming telephone calls and e-mail contact with our employees. Information obtained through tracking cookies, we collect and use only with your permission, which you can always withdraw. See our cookie statement PNO cookie-policy
- Performing and analysing research on client satisfaction.
- Sometimes we ask clients to cooperate in a client satisfaction survey. This is done through an online questionnaire. Participation is voluntary. Prior to each client satisfaction survey you will receive further information about the working method and the way we deal with the information gathered.
- Improving and securing our website www.pnoconsultants.com.
- Creating user statistics. The user statistics of the website enable us to track the number of visitors, the duration of the visit, which parts of the website are being viewed and the click-behavior. It concerns generic reporting, without information about individuals. We use the information obtained to improve the website.
- Access control and company security.
- If you visit our office, we will note your name on arrival. In addition, camera images may be made on the outside of the office, at the reception desk and at the entrance to the meeting rooms. We do this to know in case of emergencies who is in the building and to ensure that unauthorised people do not have access to the office. Camera images are in principle destroyed after 10 working days.
5. Security levelWe protect personal data through technical and administrative security measures to minimise the risk of loss, misuse, unauthorised access, disclosure and modification. You can think of security software such as a virus scanner and firewalls, a secure internet connection, encryption of data and physical and administrative access controls to data and servers. The PNO IT department is ISO 27001 certified for the ffiqs processes where PNO processes volumes of personal data.
6. Storage of personal dataWe do not store your personal data for longer than is strictly necessary for the execution of the purposes. If legal regulations apply to the storage, the personal data will not be kept longer than prescribed by law.
7. Legal basis of the processingWe process personal data on the basis of one of the following legal grounds:
- on the basis of an agreement or in the run up to the conclusion of an agreement,
- legal obligation,
- in connection with a legitimate interest.
- Permission: If we have requested your permission to process your personal data and you have given this permission, then you also have the right to withdraw this consent.
- Agreement or in the run up to the conclusion of an agreement: If you give us an assignment to provide innovation or financing consultancy services, we process personal data if and insofar as this is necessary for the execution of the assignment.
- Legal obligation: We only provide personal data to supervisors of investigative authorities if this is legally required. We will take measures in such cases that are reasonably necessary to ensure that your personal data is protected as good as possible.
- Justified interest: We may also process personal data if we have a legitimate interest and do not therefore disproportionately infringe your privacy. For example, we use your contact information to invite you for seminars and events.
8. ProcessorsWe may use service providers (processors) for the processing of your personal data that only process personal data in our order. We conclude a processor agreement with these processors that meets the requirements set by the General Data Protection Regulation (AVG). For example, we work with service providers that offer SaaS solutions (software as a service) or provide hosting services. Furthermore, there are ICT service providers who offer us support in keeping our systems safe and stable. We also use third-party services for sending newsletters and commercial e-mails. These are examples of parties that can be designated as (sub) processors as referred to in the General Data Protection Regulation (AVG).
9. Share personal data with third partiesSometimes it is necessary to share your personal data with third parties, which – depending on the circumstances of the case – are necessary in the handling of your dossier. We also share a basic set of contact details with our subsidiaries within Europe with the aim of generating consultancy opportunities. There are also legal obligations that lead to personal data being passed on to third parties. In the following cases personal data will be provided to third parties:
- When processing a dossier, it may be necessary to share your personal data with third parties. For example in probing or asking for funding to a government, or the conclusion of an agreement with further parties.
- If a court decision obliges us to provide personal data to third parties, we will have to comply with this.
- Your personal data will not be shared with third parties for commercial purposes. There is one exception to this. Sometimes we organise a joint activity with another organization, such as an event or seminar. In that case, only the necessary contact details are exchanged.
- Personal data can also be provided to third parties, in the event of a reorganisation or merger of our company or sale of (a part of) our company.